CS-220 Spring 2019 Test 2 Version A Apr. 22, 2019 Name: 1. (10 points) For the following, Check T if the statement is true, or F if the statement is false. (a) X T F : The X86 "mov" instruction handles initializing a register to a constant, initializing memory to a constant, copying data from one register to another, copying data from a register to memory, and copying data from memory to a register, but cannot copy data from memory to another location in memory. (b) X T F : In the X86 calling conventions, the caller pushes the return address on the stack in the "callq" instruction, and the callee pops the return address from the stack in the "retq" instruction. This violates stack ettiquette because the caller does not pop everything it pushed, but it still works because the return address will always be popped just before returning to the caller. (c) X T F : If an X86 instruction modifies the data in the %al register in X86, then it also modifies the values in the %ax, %eax, and %rax registers. (d) X T F : If you are debugging code that has been compiled by gcc without the -g flag, then the gdb "next" command will execute instructions until either the next breakpoint is reached, or the program either normally or abnormally ends. (e) T X F : The hardware required to add two unsigned integers to each other is different than the hardware required to add two signed integers to each other. The hardware is exactly the same. The only difference is how overflow is handled. (f) X T F : One of the reasons that X86-64 is so complicated is because it is downward compatible with over 40 years of X86 architecture development, including a version of X86 that ran on the very first personal computers in the 1970's. (g) T X F : If there is no width suffix (such as 'b', 'w', 'l', or 'q') associated with an X86 op-code, and none of the arguments of the instruction are registers, then the op-code will perform a 64 bit operation. If no width is specified, then the assembler flags the instruction as illegal. There is no default width in X86. (h) T X F : In the X86-64 ISA, while an instruction is executing in the ALU, the %rip register contains the address in memory of that instruction. The %rip register points to the next instruction as soon as the previous instruction is decoded. (i) X T F : If I execute the instruction "test -0x4(%rbp),$0x1", followed by the instruction "je .L5", then the jump to .L5 will occur only if the four bytes of memory at %rbp-4, interpretted as either a signed or unsigned number, is an exact multiple of some number times 2. (j) T X F : If two computers have different microprocessor chips, then they require different Instruction Set Architectures (ISA's) in order to support the different hardware. Many different hardware implementations can support the same Instruction Set Architecture, and it is very common for very different microprocessor chips to support a single ISA. Page 1 of 9 Answer the following by checking all correct answers. 2. (6 points) Given the stack memory dump in figure 1 on page 9, what is the value of the caller's %rbp register? 0x564ce4d02a9d 0x564ce60c96e0 0x564ce4d02c80 0xffffffff33bdf170 X 7ffdc52e0070 None of the above The %rbp register always points at the value of the caller's %rbp. 3. (6 points) The C if condition on line 20 in leftBit.c from Listing 1 on page 7 caused the gcc compiler to generate a compare instruction at which offset in either Listing 2 on page 8, Listing 3 on page 8, or Listing 4 on page 8? 90f X 99c a26 a54 a83 None of the above Line 20 is in the leftBit function, and the if statement is the first instruction, so the compare right after the preamble of the leftBit function at offset 99c is the correct offset. Furthermore, it is clear that this instruction compares a zero value to the first parameter of leftBit. 4. (6 points) The leftBit from Listing 1 on page 7 caused the gcc compiler to generate the object code in Listing 3 on page 8. In the leftBit function, which non-volatile (blue) registers are modified inside the leftBit function, and must be restored before leftBit returns? (Check all that apply.) %rbx X %rsp X %rbp %r12 %r13 %r14 %r15 The %rbp value is pushed on the stack in the preamble and popped off the stack in the exit code. The %rsp value is not saved and restored in the stack, but it is logically saved and restored since we can derive it's value from %rbp. None of the other non-volatile registers are used in the leftBit function. 5. (6 points) The x86 "sar" instruction at offset 9c6 in Listing 3 on page 8 shifts the value in the %eax register one bit to the right. In class, we learned that shifting one bit to the right is almost the same as dividing by two, but shifting to the right always rounds down, whereas dividing by two should round towards zero. With this in mind, what is the range of offsets of instructions generated by the gcc compiler to implement the C instruction on line 24 in Listing 1 on page 7? 9ac-9b3 9bc-9c1 9c6-9c8 9bc-9c6 X 9bc-9c8 None of the above The gcc compiler checks to see if "w" is negative starting at offset 9bc by copying it to %edx, and shifting to the right by 31 bits, leaving just the sign bit in %edx. It adds the sign bit to the "w" value before shifting, so that if "w" is negative, it will round up instead of rounding down. The "sar" instruction at offset 9c6 does the divide, and the result is copied to "hw" at -0cx(%rbp) at offset 9c8. 6. (6 points) The value "X= " referenced in the C instruction on line 14 in Listing 1 on page 7 is kept in which section of the ELF executable file generated by the compiler from the leftBit.c code? .text .plt got X .rodata .data .bss None of the above Since the value does not fit in an instruction, the compiler needs to put it in a data section. It has an initial value, so it can't be in .bss, and there is no way to modify it, so .rodata is a better choice than .data. Page 2 of 9 7. (6 points) Given the stack memory dump in figure 1 on page 9, and assuming that UNIX loaded the code at address 0x564ce4d02000, which callq instruction in either Listing 2 on page 8, Listing 3 on page 8, or Listing 4 on page 8 was run by the caller to generate the stack frame values? 963: callq a31 <printBin> 96d: callq 991 <leftBit> X a0b: callq a31 <printBin> a66: callq 740 <putchar@plt> a98: callq aa0 <printStackInfo> None of the above The return address is above where %rbp points, and subtracting the return address from the load location gets offset a10, which is the instruction after the callq instruction that generated the stack frame values. Note that the question should have read generate the current stack frame values. Or better yet, which callq instruction invoked the function executing in the current stack frame. Given the ambiguous question, "b" is an acceptable answer as well, because leftBit's return address of 0000564ce4d02972 has offset 972, which is the return from the callq at offset 96d. I gave 2 points partial credit for a98 printStackInfo because that is what prints the stack info (and it's in the call stack, but not printed). 8. (6 points) The C while condition on line 23 in leftBit.c from Listing 1 on page 7 caused the gcc compiler to generate a compare instruction at which offset in either Listing 2 on page 8, Listing 3 on page 8, or Listing 4 on page 8? 90f 99c X a26 a54 a83 None of the above The gcc compiler translates a while loop by putting the condition at the bottom of the loop, and branching down to that condition at loop entry, in this case, the jmp instruction at offset 9ba, which jumps to a26. The instruction at a26 compares a 1 value against -0x4(%rbp), which from the initializations, is a reference to the "w" local variable. 9. (6 points) The declaration/assignment statement on line 21 in leftBit.c from Listing 1 on page 7 caused the gcc compiler to generate an instruction at which offset in Listing 3 on page 8? 999 9a2 X 9ac 9b3 9bf None of the above Line 21 initializes the local variable "w" to 32 or 0x20 after the if statement on line 20. If the if condition on line 20 is false, the code jumps to offset 9ac, which assigns 0x20 to -0x4(%rbp) which is a valid location for a local variable, so 9ac is the correct offset. Answer the following questions by filling in the blanks. 10. (6 points) Based on the stack information in figure 1 on page 9, and the x86 assembler code derived from leftBit.c in Listing 2 on page 8, Listing 3 on page 8 and Listing 4 on page 8, and assuming the code is loaded at 0x564ce4d02000, what is the value of the local variable, mask, in the current function's caller's stack frame? (You may express your answer in hexadecimal.) 0x0000ff00 The current %rbp points at the top of the current stack frame.